Get All Members of An Active Directory Security Group using PowerShell

Requirement: Get Active Directory Group Membership to list all users of an AD Group.

Get All Members of the AD Group using PowerShell:

In many organizations, security groups are used to manage access to resources. In this blog post, we will show you how to get all the members of an Active Directory security group using PowerShell.

Let’s use the PowerShell cmdlet Get-ADGroupMember to list all members from an AD security group.

#Variables
$ADGroup = "Crescent\Palo Alto"

#Extract AD Group Name
$ADGroupName = $ADGroup.Substring($ADGroup.IndexOf("\") + 1)

#Get All Members of the AD Group
$GroupMembers = Get-ADGroupMember -Identity $ADGroupName -Recursive

Write-host "Total Members Found:"$GroupMembers.Count

#Get Display Name, Member Type and SamAccountName Properties
$GroupMembers | Select-Object @{Name="Display Name";Expression={$_.Name}},
                @{Name="Type";Expression={$_.objectClass}},
                @{Name="Account";Expression={$_.SamAccountName}} | Format-Table -AutoSize 

The Get-ADGroupMember cmdlet retrieves the members of the specified AD group (replace “ADGroup” with the actual name of the group you want to query) and selects the Name, SamAccountName, and ObjectClass properties for each member.

PowerShell to Get Members of an Active Directory Group in SharePoint

Although you can get AD group members using Get-ADGroupMember cmdlet to query the Active Directory, Here is the native way to get users of an Active Directory group from SharePoint.

Add-PSSnapin Microsoft.SharePoint.Powershell -ErrorAction SilentlyContinue

#Define Variables
$WebURL = "https://intranet.crescent.com"
$ADGroupName = "Crescent\Deal_Pipeline"

#Get the Web
$web = Get-SPWeb $WebURL

#Resolve the AD Group in SharePoint
$ADGroup = $web.EnsureUser($ADGroupName)
$ReachedMax = $False

#Get All Users of the AD Group
$Users = [Microsoft.SharePoint.Utilities.SPUtility]::GetPrincipalsInGroup($web, $ADGroup, 10, [ref]$ReachedMax) 

$Users | Select DisplayName, LoginName, Email, JobTitle

This PowerShell script gets you all users of a given AD group.

Salaudeen Rajack

Salaudeen Rajack - Information Technology Expert with Two-decades of hands-on experience, specializing in SharePoint, PowerShell, Microsoft 365, and related products. He has held various positions including SharePoint Architect, Administrator, Developer and consultant, has helped many organizations to implement and optimize SharePoint solutions. Known for his deep technical expertise, He's passionate about sharing the knowledge and insights to help others, through the real-world articles!

Leave a Reply

Your email address will not be published. Required fields are marked *